[Cryptography] Is it mathematically provably impossible to construct a mechanism to test for back doors in programs?

Phillip Hallam-Baker phill at hallambaker.com
Thu Jun 5 21:38:15 EDT 2014


On Thu, Jun 5, 2014 at 2:20 PM, Bear <bear at sonic.net> wrote:
> On Tue, 2014-06-03 at 13:03 -0400, Phillip Hallam-Baker wrote:
>
>> Now obviously there is a theoretical possibility that they all might
>> collude and default but it is pretty unlikely that they would and it
>> would certainly be noticed. I think that is far better in practice
>> than the BitCoin block chain with its known vulnerability to unwinding
>> transactions.
>
> No, it isn't a theoretical possibility.  It *IS* the threat model,
> because we're now talking about adversaries with the capability to
> *FORCE* that collusion regardless of whether the entities involved
> are willing to collude.
>
> Basically, what you're betting on is that someone on your list is
> both willing to go to jail and able to defeat professionals who
> have had time to prepare their tactics around the possibility and
> who can choose their time and place of intervention to limit the
> ability of any such willing person to get the warning out.

No, it is A threat model. Don't use the definite article when it does not apply.

And not a very good one. And there is still no possibility of default
that can't be noticed by an external passive audit party.

Collusion between the notaries only enables them to rewrite parts of
the log that have not been made public already.

I can't even revoke a few certs without someone decompiling Mozilla's
latest update, extracting the CRLs and squawking.

The NSA will do a lot when they don't think anyone will notice. The
term is 'NOBUS' Nobody but us. They do not do stuff that attracts
public attention. Threatening the German and Brazilian governments to
unwind a national notary to intercept private communications without a
warrant is not going to happen.

Remember that the current President of Brazil lived under the
government that Nixon and Kissinger installed with the help of NSA
intelligence. The US colonels helped the Brazilian colonels murder
some of her friends.


More information about the cryptography mailing list